theY4Kman / parsuricata
Parse Suricata rules
☆12Updated last year
Alternatives and similar repositories for parsuricata:
Users that are interested in parsuricata are comparing it to the libraries listed below
- Pure python parser for Snort/Suricata rules.☆29Updated last year
- Suricata rule and intel index☆30Updated last week
- Command-line tool to format and syntax highlight Suricata rules☆13Updated 5 years ago
- Collection of various open-source an commercial rulesets for NIDS (especially for Suricata and Snort)☆23Updated last year
- automatic enumeration and maintenance of Suricata monitoring interfaces☆11Updated 5 years ago
- Meer is a "spooler" for Suricata / Sagan.☆29Updated last year
- Yara powered NIDS with high speed packet capture powered by PF_RING☆69Updated 10 months ago
- Bro analyzer that detects Google's QUIC protocol☆10Updated 4 years ago
- Go implementation of the Community ID flow hashing standard☆20Updated 3 weeks ago
- Configuring the Suricata IDS to detect DoS attacks by adding custom rule file.☆39Updated 4 years ago
- Build a local copy of MITRE ATT&CK and CAPEC. Server mode for easy querying.☆32Updated this week
- Threat Detection Rules (Snort/Sigma/Yara)☆13Updated last year
- pyJARM is a library for doing JARM fingerprinting using python☆49Updated last week
- Golang based web service to scan files with yara rules☆27Updated 7 years ago
- Community-based CybergON-powered Suricata rules☆12Updated 2 years ago
- Ripple20 Critical Vulnerabilities - Detection Logic and Signatures☆12Updated 3 years ago
- Zeek scripts that provide an alternative log file logging TLS/SSL traffic☆10Updated 3 years ago
- A dsniff project using bro☆10Updated 9 years ago
- Repository to provide files related to our blog articles.☆16Updated last year
- Network timing evaluation used to detect beacons, works with argus flow as the source☆20Updated 8 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- NIST Information Security Continuous Monitoring (ISCM) and configuration baseline data collector☆16Updated last year
- Accurate, modular, scalable PCAP manipulation tool written in Go.☆87Updated 11 months ago
- Application and service identification rules for Suricata☆29Updated 2 years ago
- Code for BH21 talk: "Generating YARA Rules by Classifying Malicious Byte Sequences"☆17Updated last month
- A simple way of detecting multithreaded exfiltration in Zeek.☆14Updated 2 years ago
- suricata eve.json parser in Go☆14Updated 5 years ago
- provides a Suricata Eve output for Kafka with Suricate Eve plugin☆14Updated 3 years ago
- A tools to work on suricata stats.log file.☆28Updated 9 years ago
- Generate JSON force-directed/ node graph data from MITRE's ATTACK framework and visualize it interactively☆22Updated 3 years ago